Skip to content

Commit 0904e07

Browse files
authored
build - Add vsix sign steps (#844)
1 parent 2ee3c96 commit 0904e07

File tree

3 files changed

+77
-14
lines changed

3 files changed

+77
-14
lines changed

.azure-pipelines/ci.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -50,9 +50,9 @@ extends:
5050
jdkArchitectureOption: x64
5151
jdkSourceOption: PreInstalled
5252
- task: NodeTool@0
53-
displayName: Use Node 16.x
53+
displayName: Use Node 18.x
5454
inputs:
55-
versionSpec: 16.x
55+
versionSpec: 18.x
5656
- task: Npm@1
5757
displayName: npm install
5858
inputs:

.azure-pipelines/nightly.yml

Lines changed: 38 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -47,9 +47,9 @@ extends:
4747
clean: true
4848
fetchTags: true
4949
- task: NodeTool@0
50-
displayName: Use Node 16.x
50+
displayName: Use Node 18.x
5151
inputs:
52-
versionSpec: 16.x
52+
versionSpec: 18.x
5353
- task: JavaToolInstaller@0
5454
displayName: Use Java 17
5555
inputs:
@@ -110,11 +110,8 @@ extends:
110110
script: |-
111111
node ./scripts/prepare-nightly-build.js
112112
mv ./package.insiders.json ./package.json
113-
- task: Bash@3
114-
displayName: vsce package --pre-release
115-
inputs:
116-
targetType: inline
117-
script: npx @vscode/vsce@latest package --pre-release
113+
- script: npx @vscode/vsce@latest package --pre-release -o extension.vsix
114+
displayName: 'vsce package --pre-release'
118115
### Copy files for APIScan
119116
- task: CopyFiles@2
120117
displayName: "Copy Files for APIScan"
@@ -134,8 +131,41 @@ extends:
134131
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
135132
env:
136133
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
134+
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
135+
displayName: 'Generate extension manifest'
136+
- script: cp extension.manifest extension.signature.p7s
137+
displayName: 'Prepare manifest for signing'
138+
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
139+
inputs:
140+
ConnectedServiceName: 'ESRP-Release-Test'
141+
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
142+
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
143+
AuthAKVName: 'vscjavaci'
144+
AuthCertName: 'vscjava-esrprelease-auth'
145+
AuthSignCertName: 'VSCJava-CodeSign'
146+
FolderPath: '.'
147+
Pattern: 'extension.signature.p7s'
148+
signConfigType: inlineSignParams
149+
inlineOperation: |
150+
[
151+
{
152+
"keyCode": "CP-401405",
153+
"operationSetCode": "VSCodePublisherSign",
154+
"parameters" : [],
155+
"toolName": "sign",
156+
"toolVersion": "1.0"
157+
}
158+
]
159+
SessionTimeout: 90
160+
MaxConcurrency: 25
161+
MaxRetryAttempts: 5
162+
PendingAnalysisWaitTimeoutMinutes: 5
163+
displayName: 'Sign extension'
137164
- task: CopyFiles@2
138165
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)"
139166
inputs:
140-
Contents: "*.vsix"
167+
Contents: |
168+
extension.vsix
169+
extension.manifest
170+
extension.signature.p7s
141171
TargetFolder: $(Build.ArtifactStagingDirectory)

.azure-pipelines/rc.yml

Lines changed: 37 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,9 +42,9 @@ extends:
4242
clean: true
4343
fetchTags: true
4444
- task: NodeTool@0
45-
displayName: Use Node 16.x
45+
displayName: Use Node 18.x
4646
inputs:
47-
versionSpec: 16.x
47+
versionSpec: 18.x
4848
- task: JavaToolInstaller@0
4949
displayName: Use Java 17
5050
inputs:
@@ -102,7 +102,7 @@ extends:
102102
displayName: vsce package
103103
inputs:
104104
targetType: inline
105-
script: npx @vscode/vsce@latest package
105+
script: npx @vscode/vsce@latest package -o extension.vsix
106106
### Copy files for APIScan
107107
- task: CopyFiles@2
108108
displayName: "Copy Files for APIScan"
@@ -122,8 +122,41 @@ extends:
122122
condition: and(succeeded(), ne(variables['DisableAPIScan'], 'true'))
123123
env:
124124
AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
125+
- script: npx @vscode/vsce@latest generate-manifest -i extension.vsix -o extension.manifest
126+
displayName: 'Generate extension manifest'
127+
- script: cp extension.manifest extension.signature.p7s
128+
displayName: 'Prepare manifest for signing'
129+
- task: SFP.build-tasks.custom-build-task-1.EsrpCodeSigning@5
130+
inputs:
131+
ConnectedServiceName: 'ESRP-Release-Test'
132+
AppRegistrationClientId: '1992ee18-e9d2-42d6-ab20-94dd947a44b6'
133+
AppRegistrationTenantId: '72f988bf-86f1-41af-91ab-2d7cd011db47'
134+
AuthAKVName: 'vscjavaci'
135+
AuthCertName: 'vscjava-esrprelease-auth'
136+
AuthSignCertName: 'VSCJava-CodeSign'
137+
FolderPath: '.'
138+
Pattern: 'extension.signature.p7s'
139+
signConfigType: inlineSignParams
140+
inlineOperation: |
141+
[
142+
{
143+
"keyCode": "CP-401405",
144+
"operationSetCode": "VSCodePublisherSign",
145+
"parameters" : [],
146+
"toolName": "sign",
147+
"toolVersion": "1.0"
148+
}
149+
]
150+
SessionTimeout: 90
151+
MaxConcurrency: 25
152+
MaxRetryAttempts: 5
153+
PendingAnalysisWaitTimeoutMinutes: 5
154+
displayName: 'Sign extension'
125155
- task: CopyFiles@2
126156
displayName: "Copy Files to: $(Build.ArtifactStagingDirectory)"
127157
inputs:
128-
Contents: "*.vsix"
158+
Contents: |
159+
extension.vsix
160+
extension.manifest
161+
extension.signature.p7s
129162
TargetFolder: $(Build.ArtifactStagingDirectory)

0 commit comments

Comments
 (0)